Miranda – Page 8 – DoGoodSoft's Official Blog

Government says Apple arguments in encryption case a “diversion”, presents point-by-point rebuttal

As the Apple vs. FBI encryption debate heats up in California, the U.S. government on Thursday fired back at Apple’s oppositions to a court order compelling its assistance in an FBI investigation, and in a new motion discounted a number of arguments related to supposed backdoors, “master keys,” the All Writs Act and more.

In its letter in support of a federal magistrate judge’s original order to compel Apple’s help in unlocking an iPhone used by San Bernardino terror suspect Syed Rizwan Farook, federal prosecutors intimate the company is playing to the media in an attempt to protect its brand. The document was penned by U.S. Attorneys for the Central District of California Eileen M. Decker, Chief of the Cyber and intellectual Property Crimes Section Tracy L. Wilkison and Chief of the National Security Division Patricia A. Donahue.

“Apple and its amici try to alarm this Court with issues of network security, encryption, back doors, and privacy, invoking larger debates before Congress and in the news media. That is a diversion. Apple desperately wants—desperately needs—this case not to be ‘about one isolated iPhone,'” the letter reads. (Emphasis in original.)

The government argues Farook’s phone may contain actionable intelligence that could help shed light on last year’s terror attack. Investigators need Apple’s help in acquiring said information, if it exists, but instead of providing aid as it has done in the past, the company is waging a war of words both in court and publicly. Prosecutors classify Apple’s statements, including arguments that weakening the security of one iPhone is a slippery slope to a surveillance state, as “not only false, but also corrosive of the very institutions that are best able to safeguard our liberty and our rights.”

One of Apple’s main targets is the All Writs Act, a contingency that imbues courts with the power to issue orders if no other judicial tools are available. After being met with resistance to an initial warrant, the FBI leveraged AWA as a legal foundation to compel Apple’s assistance. If the DOJ is successful in its court action, it could pave the way for broader application of the statute in other investigations, Apple says. Indeed, the FBI is currently asserting AWA in at least nine other cases involving iOS devices.

In this case, however, the government argues its use of AWA is proper.

As for undue burden, the letter notes Apple grosses hundreds of billions of dollars each year. It would take as few as six employees plucked from Apple’s workforce of approximately 100,000 people as little as two weeks to create a workable solution to the FBI’s problem, the letter says, adding that the company is to blame for being in the position it currently finds itself.

“This burden, which is not unreasonable, is the direct result of Apple’s deliberate marketing decision to engineer its products so that the government cannot search them, even with a warrant,” according to the government.

A few interesting tidbits were also revealed in the course of dismantling Apple’s opposition, including a technical revelation that strikes at the heart of one of Apple’s key arguments. Apple has maintained that a forced iCloud backup, obtained by connecting Farook’s iPhone to a known Wi-Fi network, might contain information FBI agents are looking for. However, that option was rendered moot after the FBI ordered San Bernardino officials to reset Farook’s Apple ID password.

“The evidence on Farook’s iCloud account suggests that he had already changed his iCloud password himself on October 22, 2015—shortly after the last backup—and that the autobackup feature was disabled. A forced backup of Farook’s iPhone was never going to be successful, and the decision to obtain whatever iCloud evidence was immediately available via the password change was the reasoned decision of experienced FBI agents investigating a deadly terrorist conspiracy,” the government claims.

Finally, the letter takes issue with Apple’s assertions that the instant order violates its First and Fifth Amendment rights. Apple claims computer code should be covered by free speech protections, meaning DOJ requests to write code in an attempt to break into Farook’s iPhone amounts to forced speech. Nebulous legal footing aside, Apple’s claims are “particularly weak because it does not involve a person being compelled to speak publicly, but a for-profit corporation being asked to modify commercial software that will be seen only by Apple”

The idea of narrow investigation is mentioned multiple times. Apple is not being required to create a master key for all iOS devices, government representatives insist, but instead a piece of code applicable to one iPhone. Even if hackers or nefarious agents manage to steal said code, it would only be useful in unlocking Farook’s iPhone 5c, the government attests. This issue is under debate, however, as some experts say the flawed iOS version could be used on other devices. Creating a specialized forensics tool also acts as a proof-of-concept that iOS is vulnerable to attack.

Apple and the DOJ are set to meet in court over the matter in a hearing scheduled for March 22.

New FBI strategy wins back lost ground in encryption fight

By July 2015, FBI Director Jim Comey knew he was losing the battle against sophisticated technologies that allowed criminals to communicate without fear of government surveillance.

In back-to-back congressional hearings that month, Comey struggled to make the case that terrorists and crooks were routinely using such encryption systems to evade the authorities. He conceded that he had no real answer to the problem and agreed that all suggested remedies had major drawbacks. Pressed for specifics, he couldn’t even say how often bureau investigations had been stymied by what he called the “going dark” problem.

“We’re going to try and do that for you, but I’m not optimistic we’re going to be able to get you a great data set,” he told lawmakers.

This week, Comey was back before Congress with a retooled sales pitch. Gone were the vague allusions to ill-defined problems. In their place: a powerful tale of the FBI’s need to learn what is on an encrypted iPhone used by one of the terrorists who killed 14 people in California. “Maybe the phone holds the clue to finding more terrorists. Maybe it doesn’t,” Comey wrote shortly before testifying. “But we can’t look the survivors in the eye, or ourselves in the mirror, if we don’t follow this lead.”

The tactical shift has won Comey tangible gains. After more than a year of congressional inaction, two prominent lawmakers, Sen. Mark Warner (D-Va.) and House Homeland Security Chairman Michael McCaul (R-Texas), have proposed a federal commission that could lead to encryption legislation. Several key lawmakers, who previously hadn’t chosen sides over encryption, such as Rep. Jim Langevin (D-RI), are siding with the administration in its legal battle with Apple. Likewise, several former national security officials — such as former National Security Agency chief Gen. Michael Hayden and former Director of National Intelligence Mike McConnell — who lined up with privacy advocates in the past have returned to the government side in this case.

“The public debate was not going the FBI’s way and it appears there’s been a deliberate shift in strategy,” said Mike German, a former FBI special agent. “They realized…that the most politically tenable argument was going to be ‘we need access when we have a warrant and in a serious criminal case. All the better if it’s a terrorism case.’”

The catalyst for change has been a high-stakes legal fight in a central California courtroom where Apple seeks to overturn a judge’s order to write new software to help the FBI circumvent an iPhone passcode. Other technology companies such as Microsoft, Google, Facebook and Twitter this week rallied to Apple’s side. The Justice Department, meanwhile, has drawn supporting legal briefs from law enforcement associations as well as families of the San Bernardino victims.

Comey’s evolution may have been foreshadowed last summer. In an August email, Robert Litt, the intelligence community’s top lawyer, wrote colleagues that the mood on Capitol Hill “could turn in the event of a terrorist attack or criminal event where strong encryption can be shown to have hindered law enforcement,” according to The Washington Post.

The Dec. 2 San Bernardino attack, coming less than three weeks after a coordinated series of Islamic State shootings and bombing killed at least 130 people in Paris, reignited law enforcement concern about terrorists’ ability to shield their plotting via encryption. The San Bernardino killers, Syed Farook and his wife Tashfeen Malik, destroyed two cellphones before dying in a gun battle with police. Investigators discovered the iPhone at issue in the courtroom fight inside the Farook family’s black Lexus sedan.

To be sure, Comey’s new strategy thus far has paid only limited dividends. The Warner-McCaul commission, if it is ever formed, may or may not change U.S. encryption policy. Renewed support from former officials, such as Hayden and McConnell, extends only to the San Bernardino case.

Indeed, the FBI director’s hopes for an enduring solution to “the going dark” problem remain aspirational. The White House last fall abandoned plans to seek legislation mandating a technological fix for authorities’ encryption headaches. And since then, the Obama administration has confined itself to jawboning Silicon Valley.

But in choosing to make a fight over the iPhone used by one of the San Bernardino terrorists, Comey has selected an advantageous battlefield. Many encryption supporters say that the San Bernardino case isn’t really about encryption because the FBI is asking Apple to build custom software that bypasses the phone’s passcode, a separate though related security feature. That distinction, however, may be lost on the public and many members of Congress. Some have even speculated the FBI is using the San Bernardino massacre to revive an encryption debate that it appeared to have lost.

“It appears to me they’re using this case specifically to try to enact a policy proposal they could not get through Congress last year,” said Rep. Ted Lieu (D-Calif.), an encryption advocate. “It’s clear to me that the FBI is trying to use this case to influence the public.”

The fight with Apple not only carries the emotional heft of terrorism, but — thanks to the distinction between encryption backdoors and passcode subversion — has drawn many of Comey’s most vocal critics from the national security community back into the fold.

Hayden, the former NSA head, and McConnell, the nation’s ex-intelligence czar, opposed Congress mandating the creation of technological “back doors” for the government to exploit. Yet, on the Apple case, they side with Comey.

“The FBI made this a test case and that was very deliberate on their part, to refocus the conversation,” said Robert Cattanach, a former Justice Department prosecutor. “This is not some abstract principle of privacy versus government overreach. There are real impacts.”

The San Bernardino case could be a win-win for Comey. If Apple prevails in court, Congress might respond by intervening with legislation. Both the FBI and Apple have said Congress is better equipped to manage the issue than courts.

The legal battles also may discourage companies from building strong encryption given the risk of future legal showdowns, said German, who is now a fellow with the Brennan Center for Justice.

“This is less about Apple than about the developer who is sitting in his garage right now creating the next big thing,” he said. “The idea is to make that person realize that the stronger they build the security the harder it will be for them when they get that order to unlock it to do so. There’s an incentive to build a crack in the system.”

No room for compromise in Apple vs FBI iPhone encryption battle

As Apple’s legal battle with the FBI over encryption heads toward a showdown, there appears little hope for a compromise that would placate both sides and avert a divisive court decision.

The FBI is pressing Apple to develop a system that would allow the law enforcement agency to break into a locked iPhone used by one of the San Bernardino attackers, a demand the tech company claims would make all its devices vulnerable.

In an effort to break the deadlock, some US lawmakers are pushing for a panel of experts to study the issue of access to encrypted devices for law enforcement in order to find common ground.

Senator Mark Warner and Representative Mike McCaul on Monday proposed the creation of a 16-member “National Commission on Security and Technology Challenges.”

But digital rights activists warn that the issue provides little middle ground — that once law enforcement gains a “back door,” there would be no way to close it.

“We are concerned that the commission may focus on short-sighted solutions involving mandated or compelled back doors,” said Joseph Hall, chief technologist at the Center for Democracy & Technology.

“Make no mistake, there can be no compromise on back doors. Strong encryption makes anyone who has a cell phone or who uses the Internet far more secure.”

Kevin Bankston of the New America Foundation’s Open Technology Institute expressed similar concerns.

“We’ve already had a wide range of blue ribbon expert panels consider the issue,” he said.

“And all have concluded either that surveillance back doors are a dangerously bad idea, that law enforcement’s concerns about ‘going dark’ are overblown, or both.”

The debate had been simmering for years before the Apple-FBI row.

Last year, a panel led by Massachusetts Institute of Technology scientists warned against “special access” for law enforcement, saying they pose “grave security risks” and “imperil innovation.”

Opening up all data

“I’m not sure there is much room for compromise from a technical perspective,” said Stephen Wicker, a Cornell University professor of computer engineering who specializes in mobile computing security.

Opening the door to the FBI effectively makes any data on any mobile device available to the government, he said.

“This is data that was not available anywhere 10 years ago, it’s a function of the smartphone,” Wicker said.

“We as a country have to ask if we want to say that anything outside our personal human memory should be available to the federal government.”

Apple has indicated it is ready for a “conversation” with law enforcement on the matter.

But FBI Director James Comey told a congressional panel that some answers are needed because “there are times when law enforcement saves our lives, rescues our children.”

Asked about the rights envisioned by the framers of the US constitution, he said, “I also doubt that they imagined there would be any place in American life where law enforcement, with lawful authority, could not go.”

A brief filed on behalf of law enforcement associations argued that because of Apple’s new encryption, criminals “have now switched to the new iPhones as the device of choice for their criminal wrongdoing.”

Ed Black, president of the Computer & Communications Industry Association, which includes major technology firms but not Apple, said that although tech firms and law enforcement have had many battles, “there are many areas where we cooperate and where we find middle ground.”

But Black said the tech sector is largely united in this case because the FBI wants Apple to create weaker software or introduce “malware” to be able to crack the locked iPhone.

“On this narrow specific issue of ‘can companies be compelled to create malware,’ I think there may not be an answer,” he said.

‘Going dark’ fears

Law enforcement fears about “going dark” in the face of new technology have been largely exaggerated, Black said.

While access to encrypted apps and smartphones is difficult and traditional wiretaps don’t work on new technology, “there are a lot of other tools for law enforcement,” he said.

“There is more information available in 2016 than in any year since the founding of the country.”

Although law enforcement has growing expectations about using technology to thwart criminals, that type of power is too broad, Black added.

“If they are seeking a level of total surveillance capability, I don’t see a compromise available,” he said.

Wicker said that to give law enforcement access, Congress could in theory mandate that devices use automatic cloud backups that could not be disabled. But that would constitute a dramatic departure from current views about privacy.

“From an individual rights standpoint,” he said, “that would take away control by the user of their personal information.”

Amazon Dropping Fire Encryption Has Nothing to Do With Apple

Today, several reports pointed out that Amazon’s Fire OS 5 does not support device encryption, drawing a connection between the company’s encryption retreat and the current Apple-FBI iPhone unlocking fracas. But Amazon’s decision to remove Fire OS 5’s onboard encryption is not a new development, and it’s not related to the iPhone fight. The real question at hand is why Amazon decided to roll back encryption protection for consumers all on its own.

Introduced last fall, Amazon’s Fire OS 5 featured a refreshing redesign that added several usability features. But Fire OS 5 also took away device encryption support, while still maintaining security features for communication between devices and Amazon’s cloud.

“In the fall when we released Fire OS 5, we removed some enterprise features that we found customers weren’t using,” Amazon spokesperson Robin Handaly told WIRED. “All Fire tablets’ communication with Amazon’s cloud meet our high standards for privacy and security, including appropriate use of encryption.”

We’ve reached out again for clarification as to what “appropriate use” of encryption entails in Amazon’s view.

To be clear, removing encryption protections of any kind from Fire tablets should be seen as a step back for consumers, and for security as a whole.

“Amazon’s decision is backward—it not only moves away from default device encryption, where other manufacturers are headed, but removes all choice by the end user to decide to encrypt it after purchase,” says Nathan White, Senior Legislative Manager at digital rights organization Access Now. “The devices themselves also become more attractive targets for thieves. Users should no longer trust these devices: If you wouldn’t post it to the internet publicly, don’t put it on a Fire Tablet.”

Further, Amazon’s insistence that it maintains a secure connection with the cloud doesn’t ease concerns over the data on the device itself that’s now vulnerable.

“Data encryption at rest and data encryption in motion are two completely different things,” says White. “They shouldn’t conflate two important issues by saying ‘we encrypt in motion, so data at rest doesn’t matter.’”

Even without the cloud connection, a device stores all sorts of personal information, from email credentials to credit card numbers to sensitive business information, if you happen to be an enterprise user. In fact, the lack of encryption means corporate customers aren’t able to use certain email clients on Fire tablets any longer.

Amazon’s move is a bad one. But it’s not a retreat in the face of Apple-FBI pressures. For better or worse (mostly worse), it’s been this way for months. As Handaly noted, Fire OS 5 came out last fall, on a suite of new Amazon devices. Amazon message board users have been commenting on, and complaining about, the absence of encryption since at least early January.

So why the sudden focus? Likely because of this tweet:

People are talking about the lack of encryption today because the OS update is only now hitting older devices, like the fourth-generation Fire HD and Fire HDX 8.9. Despite how neatly the sudden forfeiture of encryption by a tech giant fits the Apple-FBI narrative, this encryption deprecation isn’t related to that battle. Instead, Amazon appears to have given up onboard encryption without any public fight at all.

“This move does not help users. It does not help corporate image. And it does not fit into industry trends,” says Amie Stepanovich, US Policy Manager at Access Now.

U.S.Defense Secretary Ashton Cater Doesn’t Believe in Encryption Backdoors

Secretary of Defense Ashton Carter came out against supporting encryption back-doors at a conference panel on Wednesday.

At the RSA information security conference in San Francisco, Carter told a packed room that he supported strong encryption and thought back-door access to encrypted communication as unrealistic. During his talk on the Apple vs. FBI case, which he shied away from the details because it is a “law enforcement issue,” Carter received scattered applause from the crowd of security professionals after he said he supports strong encryption.

“I think first of all that for the Department of Defense, data security including encryption is absolutely essential to us. We are for strong encryption,” Carter says. “I’m not a believer in backdoors or a single technical approach. I don’t think it’s realistic.”

Carter joined Attorney General Loretta Lynch in supporting encryption at the RSA Conference this week. In a stage interview with Bloomberg at the Moscone Center on Tuesday, Lynch called for “a middle ground” between national security and privacy.

In the 50-odd minute talk with Ted Schlein, general partner for the influential venture capital firm Kleiner, Perkins, Caufield & Byers, Carter focused his talk on how to bridge the gap between the Pentagon and Silicon Valley.

Carter, who was appointed to the secretary position last February by President Barack Obama, spoke about two initiatives in particular: the Defense Innovation Unit-Experimental (DIUx) and the Defense Innovation Advisory Board. Both serve to make the department more agile and tech-savvy in the age of cyberwarfare with competitors like Russia and China, Carter says.

“DIUX is a place to connect. It is down the road [from Silicon Valley]. I’ve given it a very open charter,” Carter says. “We need to be very hawkish on the idea of reform.”

Earlier on Wednesday, the Defense Department announced that former Google CEO Eric Schmidt will chair the Defense Innovation Advisory Board. “There is going to be some technical minds who come in and giving me advice to be more innovative,” Carter says. “I am so grateful to Eric Schmidt for his willingness to do this. He’s the perfect chairman for this.”

He also announced a new competition called “Hack the Pentagon” where ethical, or white hat, hackers find vulnerabilities in the Pentagon’s systems and boost the overall cybersecurity of the department. “You would rather find the vulnerabilities in your networks that way than the other way of pilfering information,” Carter says. Hackers must be American citizens, Carter added.

While the Pentagon is bolstering its defenses in protecting its own data, it is also aggressively attacking ISIS, Carter says. Similar to the radio-jamming tactics during the Cold War, the Pentagon has been disrupting the terrorist group’s online channels of communications. “We will and must defeat ISIL. I’m looking for all the ways to accelerate that,” Carter says. “We are using cyber to disrupt communication and doubt the reliability of the comm. Now that enemies use cyber, that’s another way to shut them down.”

Apple’s rivals wary of taking stand on encryption issue, against the FBI

As Apple resists the US government in a high profile stand-off over privacy, rival device makers are, for now, keeping a low profile.

Most are Asian companies — the region produces eight of every 10 smartphones sold around the world — and operate in a complex legal, political and security landscape.

Only China’s Huawei has publicly backed Apple CEO Tim Cook in his fight to resist demands to unlock an encrypted iPhone belonging to one of those who went on a shooting rampage in San Bernardino, California in December.

“We put a lot of investment into privacy, and security protection is key. It is very important for the consumer,” Richard Yu, chief executive of Huawei’s consumer business group, told reporters at the Mobile World Congress earlier this week.

But Yu stopped short of saying explicitly that Huawei would adopt the same stance. “Some things the government requires from vendors we cannot do,” he said, citing an example of unlocking an encrypted Android device. “These are important things for the consumer, for privacy protection.”

Lenovo Group CEO Yang Yuanqing declined to say whether he backs the Apple position, saying the issue required time and consideration.

“Today it happens to Apple, tomorrow it could happen to Lenovo mobile phones. So we must be very serious to consider. We need to take some time,” Yang told Reuters.

Samsung Electronics Co and Chinese device maker Xiaomi declined to comment, while ZTE Corporation did not respond to requests for comments.

South Korean mobile maker LG Electronics Inc said it takes personal privacy and security very seriously, but declined to say whether it had ever worked with any government to insert so-called “backdoors” into its products or whether it had ever been asked to unlock a smartphone.

“Nobody wants to be seen as a roadblock to an investigation,” said a spokesperson for Micromax, India’s biggest local smartphone maker. “Nobody wants that kind of stigma. We have to take care of both customer security as well as (a) genuine threat to national security.”

Many Asian countries don’t have privacy laws that device makers can fall back on to resist demands from law enforcement authorities.

“As part of the evidence gathering process provided for under the law, law enforcement agencies in Singapore may request information from persons or organizations,” Singapore’s Ministry of Home Affairs Spokesperson told Reuters.
An official at India’s telecom regulator said authorities can ask for private user data from technology companies, as can those in Indonesia, said Ismail Cawidu, spokesman for Indonesia’s Communication and Information Ministry.
Eugene Tan, associate professor of law at the Singapore Management University, said he wouldn’t be surprised if technology firms weren’t being asked for access to their devices.

“It’s just that these are not made public. You can imagine for the technology companies, they are also concerned about the publicity — if they are seen to be caving in to law enforcement agencies, there is always a fear that people may not use their products and services,” he said.

Micromax said this was commonplace in India. “I can’t say no to a law enforcement request, and every day there is one,” the company’s spokesperson said. “You have to comply with requests in the larger interest of national security.”

The Apple battle may even spur regulators in some markets to demand device makers to grant them access.
Thailand’s telecoms regulator said it is studying the possibility of having separate agreements with handset makers and social media firms such as Facebook and Naver’s LINE to help extract data from mobile phones.
“There is political pressure” for regulating devices, said Rob Bratby, manager of Olswang Asia, a technology-focused law firm based in Singapore.

He said there was no evidence of any such regulatory interest yet, but it was a matter of time.

Encryption is Not a Threat to Our Safety, But Political Correctness is

The legal battle between Apple, Inc and the US government has no sign of abating. Tim Cook, CEO of Apple, indicated that he is willing to fight the US government all the way to the Supreme Court. Apple Inc. just upped the ante by announcing that its engineers are working on new iPhone security features, which would make the iphone almost impossible to hack into by the company itself or government agencies. On the other hand, many government officials and politicians argue that encryption deprives them of opportunities to track the activities of bad guys and stop them from doing harm. Some in Congress are working on a new law to compel technology companies to grant the US government “limited” access by circumventing encryption.

Supporters of either Apple or the US government have written extensively on privacy vs. security issues. But something else has been missing in the current debate. Let’s revisit the San Bernardino terrorist attack. It’s worth remembering that one of the San Bernardino shooters, Tashfeen Malik, didn’t encrypt her radical and anti-America thoughts and ideas on Facebook prior to her visa application, they were posted for anyone to read. But our immigration officials were prevented from reviewing her easily accessible social media postings because the Secretary of Homeland Security feared a civil liberty backlash and bad PR. There is no legal basis for the Secretary’s concern. America has no obligation to grant a visa to any non-US citizen who expresses anti-America sentiment. It was widely reported after the San Bernardino shooting that Tashfeen Malik was responsible for radicalizing her husband Syed. Had someone at the Department of Homeland done half an hour google search, and accordingly denied Tashfeen’s fiancées visa, fourteen lives in San Bernardino could have been saved.

Failing to vet Tashfeen Malik adequately was not an outlier case. The leadership of the Department of Homeland security has a history of ” willingness to compromise the security of citizens for the ideological rigidity of political correctness.” Philip Haney, a former officer who spent 15 years at the Department of Homeland Security (DHS), wrote for the Hill recently that back in 2009, he was ordered by his supervisor at DHS ” to delete or modify several hundred records of individuals tied to designated Islamist terror groups like Hamas from the important federal database, the Treasury Enforcement Communications System (TECS).”

Apple and FBI to testify before Congress next week over encryption

Over the past few days, Apple has made it abundantly clear that it will not comply with the FBI’s demand that it write a new piece of software to help bypass built-in iPhone security measures.

On the contrary, Apple has said that it wants the FBI to withdraw all of its demands while adding that the only way to move forward is to form a commission of experts on intelligence, technology, and civil liberties to discuss “the implications for law enforcement, national security, privacy, and personal freedoms.”

In the meantime, Apple has vehemently argued that Congress should be tasked with determining the fate of the shooter’s iPhone, not the courts. Come next Tuesday, Apple will finally be able to plead its case directly in front of our country’s lawmakers.

Earlier today, the House Judiciary Committee announced that it will be holding a congressional hearing on encryption on Tuesday, March 1. The hearing itself is called, “The Encryption Tightrope: Balancing Americans’ Security and Privacy.”

Slated to testify on the first panel is FBI director James Comey who, you might recall, recently penned a blogpost arguing that the current debate isn’t about the implications of encryption, but rather about “the victims and justice.”

On the second panel, Apple’s top lawyer, Bruce Sewell, will appear and present Apple’s case. Appearing alongside him will be Susan Landau, a cybersecurity expert, and New York District Attorney Cyrus R. Vance, Jr.

A statement from the House Judiciary Committee on the upcoming hearing reads as follows:

This should undoubtedly make for a lively hearing.

Speaking to the seriousness with which Apple views this debate, Tim Cook yesterday said that helping the FBI would be tantamount to creating the “software equivalent of cancer.”

Apple CEO defends position in encryption dispute with feds

Apple CEO Tim Cook said in an interview Wednesday it was a tough decision to resist a court order directing the tech giant to override security features on the iPhone used by one of the San Bernardino gunmen who killed 14 people in a December terror attack.

However, Cook reiterated to ABC News in his first interview since the controversy erupted last week that if his company complied with the FBI’s demand to unlock Syed Rizwan Farook’s encrypted phone it would be “bad for America.”

“Some things are hard and some things are right, and some things are both. This is one of those things,” Cook said. The interview came as both sides in the dispute are courting public support, through interviews and published statements, while also mustering legal arguments in the case.

Federal authorities have insisted they’re only asking for narrow assistance in bypassing some security features on the iPhone, which they believe contains information related to the mass murders. Apple argues that doing so would make other iPhones more susceptible to hacking by authorities or criminals in the future.

The Apple chief expressed sympathy for the shooting victims’ families, and said his company provided engineers and technical advice to authorities investigating the case. But he said authorities are now asking the company “to write a piece of software that we view as sort of the equivalent of cancer.”

The software could “expose people to incredible vulnerabilities,” Cook added, arguing that smartphones contain private information about users and even their families.

“This would be bad for America,” he said. “It would also set a precedent that I believe many people in America would be offended by.”

Meanwhile, Attorney General Loretta Lynch defended the FBI’s push to access the locked phone Wednesday, saying judges at all levels have held such companies “must assist if it is reasonably within their power to do so – and suggesting Congress does not need to get involved as Apple wants.

But Lynch used testimony Wednesday before a House appropriations subcommittee to lay out the DOJ position that courts already have found companies must assist in opening devices.

“If the government needs the assistance of third parties to ensure that the search is actually conducted, judges all over the country and on the Supreme Court have said that those parties must assist if it is reasonably within their power to do so,” she said, without mentioning Apple by name. “And that is what we have been asking, and we owe it to the victims and to the public whose safety we must protect to ensure that we have done everything under the law to fully investigate terrorist attacks on American soil.”

Apple also is expected to argue that the Obama administration’s request to help it hack into an iPhone in the federal investigation of the San Bernardino attack is improper under an 18th century law, the 1789 All Writs Act, which has been used to compel companies to provide assistance to law enforcement.

Magistrate Judge Sheri Pym in California ordered Apple last week to create specialized software to help the FBI hack into a locked, county-issued iPhone used by Farook.

Why Canada isn’t having a policy debate over encryption

The legal saga between Apple and the FBI has thrust encryption into the government’s policy spotlight again – but only if you live in the United States. In Canada, you could be excused for not knowing such a debate exists .

Ever since FBI director James Comey characterized the rising tide of encrypted data as “going dark” in an October, 2014 speech, American civil liberties groups, cryptographers, private companies and politicians have argued ceaselessly about encryption’s merits and the dangers of so-called backdoors.

While most acknowledge that encryption keeps vast swaths of Internet communication and services secure, there have nonetheless been calls for legislation, “golden keys” and the formation of encryption committees in response to increasingly vocal arguments that encryption is helping criminals and terrorists operate beyond the law’s reach.

Things culminated last week with the FBI’s order that Apple Inc. modify its software to make it easier for law enforcement to break the iPhone’s security protections – modifications that have been characterized as a backdoor for law enforcement, or criminals, to use again and again.

In Canada, however, policy discussions involving encryption and, more largely, police powers in the digital realm – such as cellphone tracking devices and the use of hacking tools – have been “functionally non-existent,” according to Citizen Lab researcher Christopher Parsons.

“We haven’t had the kind of debate and back and forth and public positions taken that you see in the United States, you see in the United Kingdom. We just don’t do it here,” Mr. Parsons said.

Some of the reasons are familiar. There is, for example, a comparatively smaller policy community in Canada that focuses on these issues than there is in the U.S., and a smaller amount of case law – not to mention the fact that previous governments have shown more interest in expanding police powers, rather than curtailing or even detailing them.

And if past U.S. cases are any indication, the government will just as easily benefit by staying out of the debate and piggybacking on the outcome of the FBI’s case.

“They can dodge the debate and benefit from it without having to engage in it,” said Tamir Israel, a staff lawyer with the Canadian Internet Policy and Public Interest Clinic. “And then the other side to that is they often will find quieter ways to get comparable results where they can’t directly piggyback.”

By way of example, Mr. Israel pointed to the Solicitor General’s Enforcement Standards (SGES), which outline 23 technical surveillance standards that must be followed as a condition of obtaining a wireless spectrum licence in Canada. After the U.S. passed lawful surveillance legislation called the Communications Assistance for Law Enforcement Act in the 1990s, Canada used the SGES to quietly introduce similar standards.

Although the standards were introduced in the mid-1990s and updated again in 2008, details were not made public until The Globe and Mail obtained past and current versions of the documents in 2013.

Mr. Israel pointed to a wider problem preventing a successful encryption debate in Canada: a lack of transparency surrounding the government’s position and policies. He raised cellphone tracking technology called Stingrays, or IMSI catchers, as an example. “I personally find it very hard to believe that no law enforcement agencies in Canada are using these. But we can’t even get the debate going, because we can’t get past that first step where any of them admit that they’re using them.”

The RCMP would not comment on Apple’s dispute with the FBI but said in a statement: “International police agencies are all in agreement that some ability to access evidence when judicial authorization is granted is required, recognizing that secure data and communications enables commerce and social interactions in today’s reality. These are complex challenges which the RCMP continues to study.”

The statement continued: “The RCMP encourages public discourse with Canadians as public policy continues to take shape on the issue of encryption.”

The Office of the Privacy Commissioner of Canada said in an e-mail that it was not aware of any government agencies that have proposed backdoors in Canadian companies or Internet service providers, and that it is following encryption discussions “with interest.”

When reached via e-mail, Liberal MP Robert Oliphant, who chairs the standing committee on public safety and national security, wrote that, “while encryption and backdoors are of great concern to a number of people, they have not yet surfaced as issues for our committee in its early days.”

However, he added, the committee is still “sifting through all the important issues of safety and security and will be setting our work plan shortly.”

Public Safety Canada said in a statement that it is “monitoring the ongoing debate in the U.S. and other countries on the issue of government access to encrypted data” and that “no special events related to encryption” are currently planned.

NDP MP and committee vice-chair Brian Masse, echoing Mr. Oliphant’s statement, added that any proposed legislative changes involving encryption or backdoors should be handled democratically and involve both the Privacy Commissioner and Parliament.

Meanwhile, neither the chair nor vice-chairs of the standing committee on industry, science and technology responded to a request for comment.

A small comfort, Citizen Lab’s Mr. Parsons argued, is that Canadian politicians have shown themselves to be more level-headed and avoided the sky-is-falling rhetoric of their counterparts in the U.S., where Senator Dianne Feinstein, who chairs the Senate select committee on intelligence, stated earlier this month that “an Internet connection and an encrypted message application” is all Islamic State militants need to carry out an attack.

If this issue is going to be given some weight, Mr. Parsons suggested, “committee meetings that very seriously look into this while there isn’t a terror moment, it’s the ideal way of going.”